Vulnerabilities > CA > Unified Infrastructure Management > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-30 CVE-2018-13820 Use of Hard-coded Credentials vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
network
low complexity
ca CWE-798
7.5
2018-08-30 CVE-2018-13819 Use of Hard-coded Credentials vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
network
low complexity
ca CWE-798
7.5
2017-03-20 CVE-2016-9165 Information Exposure vulnerability in CA products
The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication or gain privileges via unspecified vectors.
network
low complexity
ca CWE-200
7.5
2017-03-07 CVE-2016-9164 Path Traversal vulnerability in CA Unified Infrastructure Management
Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
ca CWE-22
7.5